Facility Security Officers (FSOs) need to address the reality of the day and prepare for Iranian retaliation following the drone attack in Baghdad which killed Iranian General Qassem Soleimani, who headed the Islamic Revolutionary Guard Corps’ Quds Force.
Not a single tear should be shed for Soleimani; he was at the top of the efforts which have kept Iran on the U.S. Department of State’s list of nations which support terror. The IRGC under Soleimani has shown itself to have global reach with the will and ability to conduct terror attacks far beyond the borders of Iran. He is responsible for authorizing attacks which have resulted in the deaths of hundreds of U.S. service members and citizens. His organization is responsible for providing sustenance, training and resources to Hezbollah across the globe. He promoted evil.
To think that because a Facility Security Officer’s facilities are in the U.S. they are immune from being targeted is simply wrong. While China has been more flagrant in recent years, the IRGC also has human sources and intelligence officers within the United States operating on its behalf.
We don’t know where or when Iran will launch an attack.
Searching Out Cleared Facilities
The Chinese have shown their ability to reconnoiter sensitive facilities; the Iranians have the same capabilities.
Indeed, in January 2017, German security services arrested and convicted a Pakistani national operating on behalf of the IRGC Quds Force for conducting surveillance and providing targeting packages (which included photos and videos) on locations and individuals of interest to the IRGC across Europe.
FSOs need to revisit the physical security of their facilities.
Gathering Sensitive Information
The IRGC Quds has also shown its ability to conduct cyber operations. In 2016, the U.S. Department of Justice charged seven Iranians from within the IRGC with cyber attacks on U.S. banks and financial institutions.
The same individuals were also charged with breaching the cybersecurity of the Bowman Dam (located in New York), specifically the SCADA system (supervisory control and data acquisition). Just hours after the death of Soleimani, via a Tweet, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, reminded his constituents (the critical infrastructure of the U.S.) to be mindful of the June 2019 warning concerning Iran’s cyber capabilities.
Given recent developments, re-upping our statement from the summer.
Bottom line: time to brush up on Iranian TTPs and pay close attention to your critical systems, particularly ICS. Make sure you’re also watching third party accesses! https://t.co/4G1P0WvjhS
— Chris Krebs #Protect2020 (@CISAKrebs) January 3, 2020
Remind personnel of what constitutes good cyber hygiene to thwart any phishing or watering-hole attacks, which the Iranians have shown themselves to be most adroit at perpetrating.
Cleared Personnel
Since biblical times, the doctrine of “an eye for an eye, a tooth for a tooth” has existed and Iran has shown itself in the past to disregard the norms of global society when it comes to addressing threats and perceived threats. They have demonstrated over the past 40 years their willingness to conduct “wet” operations (those which result in the death of their target) across the globe.
This reach includes the United States.
In October 2011, Iran planned the assassination of then Saudi Ambassador to the U.S. Adel al-Jubeir while he dined in a Washington D.C. restaurant. The methodology used by the Iranians is especially noteworthy: they attempted to hire members of a Mexican cartel with a $1.5 million inducement to conduct a bombing, resulting in the death of al-Jubeir.
FSOs’ foreign travel briefings must include admonishments to dress for the environment in which one is traveling. Travelers should eschew outerwear which broadcasts that they are from the United States, including ball caps of their favorite sports team, USA memorabilia, flags on the lapel, etc. There is no need to make themselves a target of convenience. On December 31 during the attack on the U.S. Embassy in Baghdad, two French journalists were abducted by the IRGC-backed militia. While they were subsequently released, the fact of the matter is those abducting these two individuals are believed to have thought they were from the United States.
Access to appropriate travel advice and information is readily available, to help prepare cleared employees for both work and professional travel. A series of travel security checklists to enhance one’s travel security is available at Securely Travel.
In sum, Iran has teeth and a demonstrated deadly bite.
They also have the assistance and knowledge of Monica Witt, who worked within the U.S. counterintelligence community and has shown herself to be most useful to Iran. We can be certain she is assisting the IRGC today, given Witt’s willingness to assist Iran in their recent targeting via social media of U.S. military personnel.
FSOs will be well served to issue an advisory to their constituents on both the counterintelligence threat posed by Iran, and the physical and personal security threat to both facilities and personnel.